When using LDAP as the primary authentication method we've found that users are served site policies seemingly randomly. New users (whose account is being created for the first time via LDAP auth) and some returning users who for some reason were not served the policy upon login never actually see the policy no matter what we try.
I even tried deleting accounts that had not seen the policy (in test) and having those users create new accounts by connecting via LDAP, still the policy was never served.
What could be causing this redirect issue? Is LDAP ignoring the policy redirect? Can we address this from the authentication plugin? Or is it a policy issue?